Re: [TLS] Summary of discussion regarding spontaneuous authentication
Santosh Chokhani <schokhani@cygnacom.com> Tue, 28 October 2014 16:56 UTC
Return-Path: <schokhani@cygnacom.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FFBD1A6EF9 for <tls@ietfa.amsl.com>; Tue, 28 Oct 2014 09:56:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id big1PT8b5oC5 for <tls@ietfa.amsl.com>; Tue, 28 Oct 2014 09:56:56 -0700 (PDT)
Received: from ipedge2.cygnacom.com (ipedge2.cygnacom.com [216.191.252.27]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82CA21A891C for <tls@ietf.org>; Tue, 28 Oct 2014 09:56:56 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.04,803,1406606400"; d="scan'208";a="2501876"
Received: from unknown (HELO scygexch10.cygnacom.com) ([10.4.60.26]) by ipedge2.cygnacom.com with ESMTP; 28 Oct 2014 12:56:55 -0400
Received: from SCYGEXCH10.cygnacom.com ([::1]) by scygexch10.cygnacom.com ([::1]) with mapi id 14.03.0195.001; Tue, 28 Oct 2014 12:56:54 -0400
From: Santosh Chokhani <schokhani@cygnacom.com>
To: Martin Thomson <martin.thomson@gmail.com>, Joseph Salowey <joe@salowey.net>
Thread-Topic: [TLS] Summary of discussion regarding spontaneuous authentication
Thread-Index: AQHP7fDJAlDa05ExwUGd7WlSHO2iupw8VaqAgAAD/4CAAAUPgIAAEZiAgAAZRQCACEJbAIAAajAAgAADmoCAAIf9UA==
Date: Tue, 28 Oct 2014 16:56:53 +0000
Message-ID: <4262AC0DB9856847A2D00EF817E81139243CBD@scygexch10.cygnacom.com>
References: <CABkgnnUAhEV=wLZyTew=ne7VgSq50XYR3Fo5EfjNXc8=_hbpyg@mail.gmail.com> <CABkgnnXAk+HU2yaUJdOQ0w-heHwYrPK6Zf3HrH5tU+2Tk7_cCA@mail.gmail.com> <20141022125359.GA18704@LK-Perkele-VII> <CABkgnnW=aVzsi+cq=icpn4z9PjFuoiu_LQz_mnfeyPPom6LROQ@mail.gmail.com> <20141022132623.GA19894@LK-Perkele-VII> <CABkgnnVe3T56ia-bxgqNrpF_vXQD=T7xisrZb0Szu+L1X05+NQ@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D3A8C4F98@USMBX1.msg.corp.akamai.com> <CABcZeBNvtOi9UuQGdbuxvPGqZqRx+ZCw9CvMp830Dpq47WwxVg@mail.gmail.com> <CAOgPGoBMqevV6FbjtP3V_E8bsKVZAfV9rWphTAwBBOfeauZzzw@mail.gmail.com> <CABkgnnUB+6ZqJ-dUGnViSDjsLQ3ZzMUGKLTUfnR01b+qbX2Y9A@mail.gmail.com>
In-Reply-To: <CABkgnnUB+6ZqJ-dUGnViSDjsLQ3ZzMUGKLTUfnR01b+qbX2Y9A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.60.117.7]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/GDojpXVD7Tv-LFwuoGs0rK6Klbc
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Summary of discussion regarding spontaneuous authentication
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Oct 2014 16:56:58 -0000
CA list has been a double-edged sword. For cross certified environments, some clients do not present a valid certificate when the Server root and the client root are cross certified and both parties can build valid paths. Browsers vendors have not fixed this concern. -----Original Message----- From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Martin Thomson Sent: Tuesday, October 28, 2014 12:40 AM To: Joseph Salowey Cc: tls@ietf.org Subject: Re: [TLS] Summary of discussion regarding spontaneuous authentication On 27 October 2014 21:27, Joseph Salowey <joe@salowey.net> wrote: > While I'm not a huge fan of the certificate authorities list, I'm not > sure that punting this to the application layer is the right thing to do. Would you be interested perhaps in an optional TLS extension that allows both client and server to express something about what they are willing to consider as being authoritative? _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] Summary of discussion regarding spontaneuou… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Tom Ritter
- Re: [TLS] Summary of discussion regarding spontan… Ilari Liusvaara
- Re: [TLS] Summary of discussion regarding spontan… Manuel Pégourié-Gonnard
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Ilari Liusvaara
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Manuel Pégourié-Gonnard
- Re: [TLS] Summary of discussion regarding spontan… Watson Ladd
- Re: [TLS] Summary of discussion regarding spontan… Eric Rescorla
- Re: [TLS] Summary of discussion regarding spontan… Watson Ladd
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Ilari Liusvaara
- Re: [TLS] Summary of discussion regarding spontan… Martin Rex
- Re: [TLS] Summary of discussion regarding spontan… Salz, Rich
- Re: [TLS] Summary of discussion regarding spontan… Tom Ritter
- Re: [TLS] Summary of discussion regarding spontan… Joseph Salowey
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Andrei Popov
- Re: [TLS] Summary of discussion regarding spontan… Manuel Pégourié-Gonnard
- Re: [TLS] Summary of discussion regarding spontan… Eric Rescorla
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Joseph Salowey
- Re: [TLS] Summary of discussion regarding spontan… Martin Thomson
- Re: [TLS] Summary of discussion regarding spontan… Joseph Salowey
- Re: [TLS] Summary of discussion regarding spontan… Peter Gutmann
- Re: [TLS] Summary of discussion regarding spontan… Santosh Chokhani